login script test
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
<?php
error_reporting(-1);
ini_set('display_errors', 1);
try {
$db = new PDO('mssql:host=localhost\snelstart;dbname=laadlos','test','gerhardwinxp');
echo 'Verbonden met database<br />';
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = $db->prepare("CALL spMagInvoeren(?,?,?,?,?,?,?)");
$username = 'test';
$wachtwoord = 'test';
$ip = $_SERVER["REMOTE_ADDR"];
$computernaam = 'test';
$sessieid = '200';
$sql->bindParam(1 , $username);
$sql->bindParam(2 , $wachtwoord);
$sql->bindParam(3 , $ip);
$sql->bindParam(4 , $computernaam);
$sql->bindParam(5 , $sessieid);
$sql->bindParam(6 , $poging);
$sql->bindParam(7 , $relatieid);
$sql->execute();
}
catch(PDOException $e)
{
echo $e->getMessage();
}
echo "$poging $relatieid";
?>
error_reporting(-1);
ini_set('display_errors', 1);
try {
$db = new PDO('mssql:host=localhost\snelstart;dbname=laadlos','test','gerhardwinxp');
echo 'Verbonden met database<br />';
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = $db->prepare("CALL spMagInvoeren(?,?,?,?,?,?,?)");
$username = 'test';
$wachtwoord = 'test';
$ip = $_SERVER["REMOTE_ADDR"];
$computernaam = 'test';
$sessieid = '200';
$sql->bindParam(1 , $username);
$sql->bindParam(2 , $wachtwoord);
$sql->bindParam(3 , $ip);
$sql->bindParam(4 , $computernaam);
$sql->bindParam(5 , $sessieid);
$sql->bindParam(6 , $poging);
$sql->bindParam(7 , $relatieid);
$sql->execute();
}
catch(PDOException $e)
{
echo $e->getMessage();
}
echo "$poging $relatieid";
?>
Code (php)
1
SQLSTATE[HY000]: General error: 10007 Incorrect syntax near 'test'. [10007] (severity 5) [(null)]
[/quote]
$poging en $relatieid kom ik niet tegen in je script..
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
USE [SluisWWW]
GO
/****** Object: StoredProcedure [dbo].[spMagInvoeren] Script Date: 03/28/2012 15:10:40 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
-- =============================================
-- Author: Henk Boessenkool
-- Create date: 23 Maart 2012
-- Description: test login
-- =============================================
ALTER PROCEDURE [dbo].[spMagInvoeren]
-- Add the parameters for the stored procedure here
@Usernaam nVarchar(20) ,
@Wachtwoord nvarchar(20),
@IPAdres nvarchar(20),
@Computer nvarchar (20),
@SessieID nvarchar(50),
@PogingenOver integer OUTPUT,
@RelatieNummer integer OUTPUT
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
DECLARE @Success INT
SET NOCOUNT ON;
SET @Success = (SELECT COUNT(*)
FROM contactpersonen
WHERE (username = @Usernaam AND wachtwoord = @Wachtwoord))
IF @Success = 1
BEGIN
SET @RelatieNummer = (SELECT TOP 1 relatie_id FROM [SluisWWW].[dbo].[contactpersonen]
WHERE (username = @Usernaam AND wachtwoord = @Wachtwoord))
END
ELSE SET @RelatieNummer = -1
INSERT INTO [SluisWWW].[dbo].[Logins] (Login,Wachtwoord,RelatieID,IP,Computer,SessieID)
VALUES (@Usernaam,@Wachtwoord,@RelatieNummer,@IPAdres,@Computer,@SessieID)
-- Insert statements for procedure here
END
GO
/****** Object: StoredProcedure [dbo].[spMagInvoeren] Script Date: 03/28/2012 15:10:40 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
-- =============================================
-- Author: Henk Boessenkool
-- Create date: 23 Maart 2012
-- Description: test login
-- =============================================
ALTER PROCEDURE [dbo].[spMagInvoeren]
-- Add the parameters for the stored procedure here
@Usernaam nVarchar(20) ,
@Wachtwoord nvarchar(20),
@IPAdres nvarchar(20),
@Computer nvarchar (20),
@SessieID nvarchar(50),
@PogingenOver integer OUTPUT,
@RelatieNummer integer OUTPUT
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
DECLARE @Success INT
SET NOCOUNT ON;
SET @Success = (SELECT COUNT(*)
FROM contactpersonen
WHERE (username = @Usernaam AND wachtwoord = @Wachtwoord))
IF @Success = 1
BEGIN
SET @RelatieNummer = (SELECT TOP 1 relatie_id FROM [SluisWWW].[dbo].[contactpersonen]
WHERE (username = @Usernaam AND wachtwoord = @Wachtwoord))
END
ELSE SET @RelatieNummer = -1
INSERT INTO [SluisWWW].[dbo].[Logins] (Login,Wachtwoord,RelatieID,IP,Computer,SessieID)
VALUES (@Usernaam,@Wachtwoord,@RelatieNummer,@IPAdres,@Computer,@SessieID)
-- Insert statements for procedure here
END